4 Preparing Back-End Components for WebCenter Services

Oracle WebCenter provides a set of WebCenter Services that expose social networking and personal productivity features for inclusion in custom WebCenter application, as well as use within the WebCenter Spaces application. Some of these services, such as Worklist and Search, rely on back-end components. This chapter describes the tasks required to install such back-end components and integrate them with Oracle WebCenter. The chapter also describes the tasks involved in configuring an external LDAP-based identity store.

4.1 Introduction to WebCenter Services

WebCenter Services help to create a dynamic and interactive environment for users through various services. These services can be integrated into WebCenter applications - both custom WebCenter applications and WebCenter Spaces applications. If a service relies on a back-end component, you must perform the following task to enable users to integrate that service into an application:

Install the required back-end component

Configure the back-end component, if required

Set up a connection to the back-end component

Table 4-1 describes WebCenter Services and lists the back-end component, if any, required for each service.

Note:

Many of the WebCenter Services listed in Table 4-1 rely only on a database for their functionality, as opposed to a separate back-end product. To integrate such services into your WebCenter applications, you must ensure that a supported database is available with the required schemas. For information about:

The Wiki and Blog services rely on Oracle WebCenter Wiki and Blog Server, and the Discussions and Announcements services rely on Oracle WebCenter Discussions. You can choose to install these servers either while installing Oracle WebCenter or later by extending your WebCenter domain. For information about:

Provides the ability to assign one or more personally relevant keywords to a given page or document, making those items more easily discoverable in search results.

A supported database containing MDS and WEBCENTER schemas

Wiki

Provides the ability for geographically diverse teams to originate and collaborate on web documents.

Oracle WebCenter Wiki and Blog Server

Worklist

Provides a personal, at-a-glance view of business processes that require attention. These can include a request for document review and other types of business process that come directly from enterprise applications.

4.2 Back-End Requirements for the Instant Messaging and Presence (IMP) Service

The Instant Messaging and Presence (IMP) service relies on a back-end communication server. Oracle WebCenter is certified with Microsoft Live Communications Server 2005, and can be integrated with SIP-based communication servers.

Note:

The IMP service can also be integrated with Oracle WebLogic Communications Services (OWLCS) 11g. However, OWLCS 11g is available for development and evaluation purpose only. You can download it from Oracle Technology Network (OTN) at:

4.2.1 Communication Server - Installation

For information about installing Microsoft Live Communications Server 2005, refer to the relevant Microsoft documentation. To use Microsoft Live Communications Server 2005 as the communication server for the IMP service, you must first deploy the Oracle RTC web services for Microsoft Live Communications Server 2005. For information, see the "LCS - Configuration" section in the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.

To use a SIP-based communication server, refer to its product documentation for server installation and configuration.

4.2.2 Communication Server - Configuration and Integration

If an LDAP-based identity store is not used for your Oracle WebCenter environment, then you must create WebCenter users on your communication server. For information about creating users on a communication server, refer to your communication server's product documentation.

4.3 Back-End Requirements for Content Integration and the Documents Service

The Documents service and content integration capabilities of Oracle WebCenter enable application developers to integrate content into their applications from local file systems and external content repositories. Oracle WebCenter supports content integration with the following external repositories:

Oracle Content Server 10.1.3.5.1

Oracle Portal 11g

Note:

You may configure WebCenter Spaces to use Oracle Content Server or Oracle Portal as external content repositories. However, WebCenter Spaces requires Oracle Content Server to be the default repository to enable the personal folder and group space folder functionality.

Run the WebCenter configuration script, wc_contentserverconfig to upgrade Oracle Content Server 10.1.3.3.3 and prepare it to work with Oracle WebCenter. This script is available in the root directory of the UCM media shipped with Oracle WebCenter.

The WcConfigure component performs the following tasks to configure Oracle Content Server for Oracle WebCenter:

Sets configuration values for UseAccounts and IsAutoNumber to true and for AutoNumberPrefix to IDC_Name, if not set already.

Updates, if necessary, the JDBC password and its encoding from ClearText to Intradoc.

Adds the document type DOCUMENT.

Configures folders so that dDocType and dSecurityGroup are inherited, and the system default information is set as follows: dDocType=DOCUMENT and dSecurityGroup=Public.

Sets EnableIdcProfileField=1. This entry makes the server create a new metadata field named xIdcProfile and configure the field to use a view of profile trigger values called ProfileTriggerValues. The server then sets the profile trigger to the xIdcProfile metadata field, if not already set.

To run the wc_contentserverconfig WebCenter configuration script:

Navigate to the webcenter-conf directory, which is in the root directory of the UCM media shipped with Oracle WebCenter.

Run the following command:

On UNIX:

./wc_contentserverconfig.shcontent_server_dirpath_to_source_directory

Where, content_server_dir refers to the Oracle Content Server 10.1.3.3.3 installation directory and path_to_source_directory refers to the webcenter-conf directory on the UCM media.

To restart Admin Server: If Admin Server is running as a Windows service, you can restart the service by choosing Start, Settings, Control Panel, Administrative Tools, and Services. Then, right-click the applicable IDC Content Admin Service service and choose Restart.

To restart Oracle Content Server: If Oracle Content Server is running as a Windows service, you can restart the service by choosing Start, Settings, Control Panel, Administrative Tools, and Services. Then, right-click the applicable IDC Content Service service and choose Restart.

If Oracle Content Server is running as an application, you can restart the server by simply closing the Oracle Content Server window and starting it again.

For information about how to start, stop, or restart Oracle Content Server, see the Content Server Installation Guide for Microsoft Windows available here:

4.3.1.3 Oracle Content Server - Configuration

If you choose to use Oracle Content Server as your external content repository, you must configure it with an LDAP-based identity store. For identity propagation, Oracle Content Server and Oracle WebCenter must use the same LDAP identity store. You can optionally configure Oracle Content Server for full-text search support. It is recommended that you use the OracleTextSearch option for enabling full-text search. To provide additional security for connections between WebCenter applications or components, you can enable Secure Sockets Layer (SSL) on Oracle Content Server.

You must configure Oracle Content Server to work with Oracle HTTP Server. Oracle HTTP Server configuration enables you to manage Oracle Content Server through a browser or add content on the server through WebDAV. This section describes how to configure Oracle Content Server to work with Oracle HTTP Server.

Note:

Oracle Content Server and Oracle HTTP Server must be installed on the same system.

To configure Oracle Content Server to work with Oracle HTTP Server:

Shut down Oracle Content Server and the Admin Server, if running:

To stop Oracle Content Server, run this command:

content_server_dir/etc/idcserver_stop

To stop the Admin Server, run this command:

content_server_dir/admin/etc/idcadmin_stop

In the config.cfg file, add the SocketHostAddressSecurityFilter entry, if not already present. The file is located in the content_server_dir/config directory. Set the entry to a pipe-delimited list of all hosts allowed to access Oracle Content Server.

For example:

SocketHostAddressSecurityFilter=127.0.0.1 |allowed_host_IP

Where: allowed_host_IP refers to IP addresses of all hosts allowed to connect to Oracle Content Server through a TCP socket port. This must include the network IP address of the server on which Oracle Content Server is installed.

Edit the content_server_dir/admin/bin/intradoc.cfg file to add the SocketHostAddressSecurityFilter entry if the entry is not there in the file. See step 2 for values of this entry.

Restart Oracle Content Server and Admin Server.

To configure Oracle HTTP Server for Oracle Content Server:

Open the httpd.conf file. This file is available at the following path:

4.3.1.4 Oracle Content Server - Integration

After configuring Oracle Content Server, you must set up content repository connections to the server to enable integration of the Documents service into your WebCenter applications. For information about how you can register content repositories and manage connections for WebCenter Spaces and any other WebCenter application deployed to a managed server, see the "Managing Content Repositories" chapter in the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.

4.4 Back-End Requirements for the Mail Service

The Mail service relies on a mail server, such as Microsoft Exchange Server 2003, that supports IMAP4 and SMTP protocols. To install a mail server, refer to the documentation of the required product.

To enable WebCenter users to access the Mail service from within a WebCenter application, it is essential that users created on the mail server correspond with the users created in Oracle WebCenter's identity store. For information about adding users on a mail server, refer to the product documentation of your server. For more information about adding users to an identity store, see the "Configuring the Identity Store" section in the Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter.

4.5 Back-End Requirements for the Search Service

To search for content created by other WebCenter Services within Oracle WebCenter applications, the Search service does not require any separate back-end installation. However, you can extend WebCenter searches to include external content repositories by using Oracle Secure Enterprise Search (Oracle SES). Oracle SES provides a crawler-based service that can search a multitude of sources, structured and unstructured, in a variety of file formats, indexed or real-time.

For WebCenter users to be able store and retrieve tasks from a BPEL server, it is essential that their user names exist in the identity stores used by WebCenter applications and the BPEL server. You can achieve this by creating identical user names in both the identity stores or by using a shared LDAP-based identity store for Single Sign-On (SSO) authentication.

4.7 Back-End Requirements for WebCenter Spaces Workflows

WebCenter Spaces provides several prebuilt workflows that handle group space membership notifications, group space subscription requests, and so on. WebCenter Spaces workflows rely on the BPEL server that is provided by Oracle SOA Suite. Table 4-3 describes the tasks that you must perform to enable workflow functionality in WebCenter Spaces.

For WebCenter users to be able store and retrieve tasks from a BPEL server, it is essential that their user names exist in the identity stores used by WebCenter applications and the BPEL server. You can achieve this by creating identical user names in both the identity stores or by using a shared LDAP-based identity store for Single Sign-On (SSO) authentication.

4.7.2 Oracle SOA Server - Workflow Deployment

WebCenter Spaces workflows are deployed to an Oracle SOA server. To prepare a SOA server for workflows, you must deploy the following files to the server:

sca_CommunityWorkflows.jar, this application contains the workflow logic that determines the task flows to be generated and API to be invoked. This composite is located at the following path in your Oracle SOA installation:

WebCenterWorklistDetailApp.ear, this application contains task detail pages that provide the user interface elements for workflows. The application is located at the following path in your Oracle SOA installation:

SOA_ORACLE_HOME/webcenter/applications/WebCenterWorklistDetailApp.ear

4.7.2.1 Deploying sca_CommunityWorkflows.jar

You can deploy sca_CommunityWorkflows.jar by using any of the following methods based on your preference:

This section describes how to deploy the JAR by using Fusion Middleware Control.

To deploy the sca_CommunityWorkflows.jar by using Fusion Middleware Control:

To start Fusion Middleware Control, enter the URL in the following format in your web browser:

http://host_name.domain_name:port_number/em

For example: http://myhost.example.com:7001/em

Enter the Oracle Fusion Middleware administrator user name and password and click Login.

Only the Fusion Middleware administrator can log on to Fusion Middleware Control. The default user name for the administrator user is weblogic. This is the account you can use to log on to Fusion Middleware Control for the first time.

4.7.3 Oracle SOA and Oracle WebCenter - WS-Security Configuration

WebCenter Spaces Web services, deployed to Oracle WebCenter, facilitate communication between WebCenter Spaces and the SOA server. You must secure these Web service calls. To do this, set up WS-Security on the SOA server and WebCenter Spaces.

You can configure the Worklist service and WebCenter Spaces workflows to either share the same BPEL server connection or use separate connections.

In Oracle Enterprise Manager Fusion Middleware Control, you register a BPEL server connection by adding a Worklist connection. By default, this connection is configured to be used both by the Worklist service and the WebCenter Spaces application. There is no separate option available for adding a BPEL server connection for WebCenter Spaces.

4.8 Configuring an External LDAP-Based Identity Store

By default, WebCenter applications use Oracle WebLogic Server's embedded LDAP identity store for storing user accounts and groups, and an XML file-based policy store for storing policy grants. Although secure, the embedded LDAP identity store is not a "production-class" store and should be replaced with an external LDAP-based identity store, such as Oracle Internet Directory, for enterprise production environments. Further, the default XML file-based policy store can be used only for single-node WebCenter configurations. For multi-node configurations, you must reassociate the policy and credential store with an external LDAP-based identity store.

Table 4-4 describes the tasks that you must perform to configure an external LDAP-based identity store for Oracle WebCenter.

You can configure WebCenter Spaces as well as WebCenter Services back-ends to use a shared external LDAP-based identity store. If you wish to configure a shared external LDAP-based identify store, perform the tasks listed in Table 4-4, then those listed in Table 4-5.

Note:

If you want to configure a shared external LDAP-based identity store, then WebCenter Spaces applications and all the back-end components configured for your WebCenter Services must use the same external LDAP-based identity store.

Table 4-5 lists the back-end components for various WebCenter Services and specifies the out-of-the-box identity store support available for these components. Table 4-5 also describes whether additional configuration is required for any back-end component if a shared external LDAP-based identity store is used.

Configure Oracle SES to use the same external LDAP-based identity store as Oracle WebCenter.

For information about configuring LDAP in Oracle SES, see the "Security in Oracle Secure Enterprise Search" chapter in the Oracle Secure Enterprise Search Administrator's Guide. This guide is available in the Oracle Secure Enterprise Search Online Documentation Library 10g Release 1 (10.1.8.2) available here on OTN: